[Python-modules-team] python-django_2.2.3-2_amd64.changes ACCEPTED into unstable
Debian FTP Masters
ftpmaster at ftp-master.debian.org
Sun Jul 7 16:52:38 BST 2019
Accepted:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Sun, 07 Jul 2019 11:59:04 -0300
Source: python-django
Binary: python-django-doc python3-django
Architecture: source all
Version: 2:2.2.3-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Python Modules Team <python-modules-team at lists.alioth.debian.org>
Changed-By: Chris Lamb <lamby at debian.org>
Description:
python-django-doc - High-level Python web development framework (documentation)
python3-django - High-level Python web development framework (Python 3 version)
Closes: 901526 905216 910016 910240 915626 918230 924784 931316
Changes:
python-django (2:2.2.3-2) unstable; urgency=medium
.
* Upload (Python 3.x-only) branch to unstable after the release of
Debian "buster".
* Update debian/gbp.conf to refer to debian/sid after merge.
.
python-django (2:2.2.3-1) experimental; urgency=medium
.
* New upstream security release.
<https://www.djangoproject.com/weblog/2019/jul/01/security-releases/>
(Closes: #931316)
.
python-django (2:2.2.1-1) experimental; urgency=medium
.
* New upstream bugfix release.
<https://docs.djangoproject.com/en/2.2/releases/2.2.1/>
.
python-django (2:2.2-1) experimental; urgency=medium
.
* New upstream realease.
<https://docs.djangoproject.com/en/2.2/releases/2.2/>
.
python-django (2:2.2~rc1-1) experimental; urgency=medium
.
* New upstream release candidate release.
<https://www.djangoproject.com/weblog/2019/mar/18/django-22-rc1/>
* Drop a test that fails with "OverflowError: timestamp out of range for
platform time_t" on 32-bit platforms. (Closes: #924784)
.
python-django (2:2.2~beta1-1) experimental; urgency=medium
.
* New upstream beta release.
<https://www.djangoproject.com/weblog/2019/feb/11/django-22-beta-1-released/>
.
python-django (2:2.2~alpha1-1) experimental; urgency=medium
.
* New upstream alpha release.
<https://www.djangoproject.com/weblog/2019/jan/17/django-22-alpha-1/>
.
python-django (2:2.1.5-1) experimental; urgency=medium
.
* New upstream security release:
- CVE-2019-3498: Content spoofing possibility in the default 404 page.
(Closes: #918230)
<https://www.djangoproject.com/weblog/2019/jan/04/security-releases/>
* Drop 0007-Fixed-29182-Adjusted-SQLite-schema-table-alteration-.patch;
applied upstream. (re. #915626)
* Move to debhelper-compat virtual package.
* debian/control:
- Bump debhelper compatibility level to 12.
- Bump Standards-Version to 4.3.0.
.
python-django (2:2.1.4-2) experimental; urgency=medium
.
* Apply patch from upstream to fix compatibility with SQLite 3.26.
(Closes: #915626)
.
python-django (2:2.1.4-1) experimental; urgency=medium
.
* New upstream bugfix release:
<https://docs.djangoproject.com/en/stable/releases/2.1.4/>
* Refresh patches.
.
python-django (2:2.1.3-1) experimental; urgency=medium
.
* New upstream bugfix release.
<https://docs.djangoproject.com/en/2.1/releases/2.1.3/>
.
python-django (2:2.1.2-2) experimental; urgency=medium
.
* Default to supporting Spatialite >= 4.2. (Closes: #910240)
* debian/control: Update libgdal's SONAME in Suggests.
* Add libsqlite3-mod-spatialite to Suggests.
.
python-django (2:2.1.2-1) experimental; urgency=medium
.
* New upstream security release.
.
CVE-2018-16984: Password hash disclosure to "view only" admin users. If an
admin user has the change permission to the user model, only part of the
password hash is displayed in the change form. Admin users with the view
(but not change) permission to the user model were displayed the entire
hash. While it's typically infeasible to reverse a strong password hash,
if a site uses weaker password hashing algorithms such as MD5 or SHA1,
it could be a problem. (Closes: #910016)
.
* Move all documentation to /usr/share/doc.
* Really remove all license files (eg. LICENSE-SELECT2.md).
* debian/tests/control: Drop deprecated needs-recommends test restriction.
.
python-django (2:2.1.1-1) experimental; urgency=medium
.
* New upstream bugfix release.
<https://docs.djangoproject.com/en/2.1/releases/2.1.1/>
* Bump Standards-Version to 4.2.1.
.
python-django (2:2.1-1) experimental; urgency=medium
.
* New upstream release.
- CVE-2018-14574: Open redirect possibility in CommonMiddleware.
(Closes: #905216)
.
python-django (2:2.1~rc1-1) experimental; urgency=medium
.
* New upstream RC release.
<https://www.djangoproject.com/weblog/2018/jul/18/django-21-rc1/>
* Bump Standards-Version to 4.1.5.
.
python-django (2:2.1~beta1-1) experimental; urgency=medium
.
* New upstream beta release. (Closes: #901526)
<https://www.djangoproject.com/weblog/2018/jun/18/django-21-beta-1-released/>.
* Patches:
- Drop 0006-Fixed-a-missing-pyc-test-file-in-source-distribution.patch;
applied upstream.
- Refresh all patches.
- Set gbp-pq's --abbrev's default to 12 in gbp.conf.
* Drop "old" X-Python-Version header in debian/control.
* debian/rules:
- Also remove LICENSE.md files.
- Delete all extra license files, not just the ones in the main package.
- Move dropping of extra license files to dh_installdocs.
.
python-django (2:2.1~alpha1-1) experimental; urgency=medium
.
* New upstream alpha release.
<https://docs.djangoproject.com/en/dev/releases/2.1/>.
- Refresh 0002-use_debian_geoip_database_as_default.diff.
.
python-django (2:2.0.5-1) experimental; urgency=medium
.
* New upstream bugfix release
<https://docs.djangoproject.com/en/2.0/releases/2.0.5/>.
- Rebase and refresh patches.
* Bump Standards-Version to 4.1.4.
.
python-django (2:2.0.4-1) experimental; urgency=medium
.
* New upstream bugfix release
<https://docs.djangoproject.com/en/2.0/releases/2.0.4/>.
* Update Vcs-Git and Vcs-Browser to salsa.
* Bump debhelper compatibility level to 11.
* Drop debian/python-django-doc.examples.
.
python-django (2:2.0.3-1) experimental; urgency=medium
.
* New upstream security release:
- CVE-2018-7536: Denial-of-service possibility in urlize and urlizetrunc
template filters.
- CVE-2018-7537: Denial-of-service possibility in truncatechars_html and
truncatewords_html template filters
.
python-django (2:2.0.2-1) experimental; urgency=medium
.
* New upstream security release:
- CVE-2018-6188: A regression in Django 1.11.8 made
django.contrib.auth.forms.AuthenticationForm run its
confirm_login_allowed() method even if an incorrect password is entered.
This can leak information about a user, depending on what messages
confirm_login_allowed() raises. If confirm_login_allowed() isn't
overridden, an attacker enter an arbitrary username and see if that user
has been set to is_active=False. If confirm_login_allowed() is
overridden, more sensitive details could be leaked.
* Use HTTPS Format: URI in debian/copyright.
.
python-django (2:2.0.1-1) experimental; urgency=medium
.
* New upstream bugfix release.
<https://docs.djangoproject.com/en/2.0/releases/2.0.1/>
* Bump Standards-Version to 4.1.3.
.
python-django (2:2.0-1) experimental; urgency=medium
.
* New upstream stable release.
https://docs.djangoproject.com/en/2.0/releases/2.0/
.
python-django (1:2.0~rc1-1) experimental; urgency=medium
.
* New upstream release candidate.
<https://www.djangoproject.com/weblog/2017/nov/15/django-20-release-candidate-1-released/>
* Drop trailing whitespace in debian/changelog.
.
python-django (1:2.0~beta1-1) experimental; urgency=medium
.
* New upstream beta release of Django 2.0.
<https://www.djangoproject.com/weblog/2017/oct/16/django-20-beta-1-released/>
* debian/watch:
- Use HTTPS URI to avoid debian-watch-uses-insecure-uri warning.
- uversionmangle alpha releases prefixed with "a" (eg. 2.0a1 → 2.0~alpha1)
* Bump Standards-Version to 4.1.1.
.
python-django (1:2.0~alpha1-2) experimental; urgency=medium
.
New upstream alpha release of Django 2.0.
<https://docs.djangoproject.com/en/dev/releases/2.0/>
.
* Drop Python 2.x support:
- Remove python-django and python-django-common binary packages and
splitting logic.
- Drop our local debian/django-admin wrapper, making /usr/bin/django-admin
a symlink to the version under dist-packages.
- Consolidate a number of files under debian/.
- Simplify autopkgtests to reflect lack of Python 2.x support.
.
* deban/control:
- Add Replaces/Breaks on python-django and python-django-common.
- Add Replaces/Breaks/Provodes on python-django-common.
- Bump X-Python-Version to 3.5.
- Bump Standards-Version to 4.1.0.
- Move python-doc Depends to python3-doc.
- Drop extra whitespaces.
- Move sphinx-doc Build-Dependency to python3-sphinx.
.
* debian/rules:
- Correct find(1) call to delete all license files.
- Drop explicitly excluding .js and objects.inv files; this is done by
dh_compress now.
- Be explicit when removing embedded Javascript libraries.
.
* debian/patches/*:
- Update 0002-use_debian_geoip_database_as_default.diff to reflect new
location of base.py.
- Drop 0003-Fixed-test_middleware_classes_headers-if-Django-sour.patch;
merged upstream.
- Refresh 0004-Use-locally-installed-documentation-sources.patch.
- Ensure the default shebang for new projects uses Python 3.x.
- Make patches "pq import -> pq export clean".
.
* Lintian:
- Add "python-script-but-no-python-dep" override for "manage.py-tpl". This
is not a true Python script, it's a template only.
- Add source overrides for "source-contains-prebuilt-javascript-object"
files under django/contrib/admin/static/admin/js. These are not bugs
and/or upstream will not remove them from the orig tarball anyway.
- Add overrides for "no-upstream-changelog"; we ship upstream's excellent
release notes in the python-django-doc package.
- Drop unnecessary overrides.
Checksums-Sha1:
073a41f129e9af95fda45eddbf49ae58ea0a3a46 2741 python-django_2.2.3-2.dsc
ae98283d36287405414c14b8c3410cfa39397b07 25520 python-django_2.2.3-2.debian.tar.xz
0f9ef91405a287da8af612300376cef92b738732 3150796 python-django-doc_2.2.3-2_all.deb
d54c4c9a0d44fe9c24deda7724ea2c835331b8e4 12206 python-django_2.2.3-2_amd64.buildinfo
88af0a9bf5590e8b416a0b4e35c95604fde03a2b 2677252 python3-django_2.2.3-2_all.deb
Checksums-Sha256:
cd42bc70ac1bc2ad142247c1a9a4a48d61e09bcd889d5fd1fc4435b138e5f883 2741 python-django_2.2.3-2.dsc
3d68cfdd5285237939935227bd8be7fa197b7630e7b9b08132d717d39f80efc2 25520 python-django_2.2.3-2.debian.tar.xz
9dfbdd1d4ca34802dec6d3c779d40b14fe95ca272c24939eb3024aeaecf8a5f5 3150796 python-django-doc_2.2.3-2_all.deb
a1f1ec32a0878d06ad4dda1c4c1cb7aca9fe927a89e1dca0139dfcacc9d261ff 12206 python-django_2.2.3-2_amd64.buildinfo
74cf6bf6b7986a03e45631aa0aabd1985c48378313d078bb3f270695c70697f6 2677252 python3-django_2.2.3-2_all.deb
Files:
3740eb893d7367126fb6be918ba2de82 2741 python optional python-django_2.2.3-2.dsc
30b7ffd1230be1e3621862a594d5008b 25520 python optional python-django_2.2.3-2.debian.tar.xz
80565c0d7fe86bf99341baf1ecaf8602 3150796 doc optional python-django-doc_2.2.3-2_all.deb
f84927f5307219cff9dd456ebdb7397f 12206 python optional python-django_2.2.3-2_amd64.buildinfo
f54c710bd9e34fc8101e2a698334a560 2677252 python optional python3-django_2.2.3-2_all.deb
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAl0iEz8ACgkQHpU+J9Qx
HliUUQ//U1Yn9ngoazM6CCM8hE5UyFsAUoIlI2DV3eV+2cxwj6ZLli2fWbEz4bse
m3cluubPL9J3E5axaRIvkb7X6Nch9zM3iPwRRlJnbTTXhQdT3IoXx6MXwBtmE9ly
3iXHl1Qa5COnTpVfP1Hvg+c1+UEFOD8r//cyR893yk2ezCFpx8JeDVHhY9lMPuT7
CcyXZya4hABr/E2JyVqQPYAB5reTKs0PmfaufFYPbBQ8aE9d01ktmBV4sxwW+be3
ALK3PVOJN9ckkuop0UHeGUQOCB52Z7RAw1sGpdLzWhvGZkRBV8ck0fNRDT73ZGSD
WWGMG9dTaKYN+n7TtRfXWidoR9KExM/n9+JwyLfBHsuOHi6rMGVwPr3/A41jBLfD
w+f07axhLakg3NgAbfpXRIYrrC+SE8SMaKppv88yEC+aUQtAXblRWgsTaNunaWaz
rmFdHID96FlIX19iU4zbU1KAHma5tovVfIdsLYoxQYJ4e7N4ttQYSaLlu6PMdYjm
cVd8oMyNF3KUhLyP9pE/KPISrm56oPDiGjIaILBEe+xdt0yd9LUW4/E3N5iC02x8
laUyQf4e5j6HHvFqWX3DC4K/RDz+UqVvJm3CckW6Tp8E/orUwaqhUva6fBOo7Csl
SM73//RViw1p0/nSaUrQIWkI1AckjvZQ8o2nPJASSj8wVNRmmHo=
=RoU6
-----END PGP SIGNATURE-----
Thank you for your contribution to Debian.
More information about the Python-modules-team
mailing list